1. Field of the Invention
The present invention relates generally to data encryption and decryption systems and methods and, more particularly, to a method and system for controlling access to a data storage device.
2. Background Information
As electronic data becomes increasingly important, both in the business world and in personal lives, the need to protect such data similarly increases. Electronic data is typically stored on a data storage device. Known data storage devices include hard disk drives, tape drives, and optical disk drives, and may be situated in a computer system. Known computer systems include personal computers, or desktop computers, as well as networked computers.
The importance of the data stored on storage devices cannot be over-emphasized. Business accounting records, personnel records, research information, images, and personal information are stored as data on storage devices, and each is important for obvious reasons.
Therefore, preventing unauthorized access to data is critical. Unauthorized access to data stored on the storage device often results in tampering with the data. This data tampering may include deletion, corruption, or infection of the data with a computer virus, for example. Any of these may render the data inaccessible or unusable by an authorized user. Thus, the information that the electronic data represents is lost to the user.
Data encryption/decryption is a long-established means of controlling access to data. Similarly, systems and methods of data encryption/decryption are common in the prior art. Methods of data encryption and decryption are commonly configured as computer programs and are stored on a computer's storage device. Data encryption/decryption programs may be invoked by a user of the computer or may be invoked during boot up of the computer.
U.S. patent application Ser. No. 09/562,385, to P. Lin, the first named inventor of the subject application, is incorporated herein, in its entirety, by reference. Disclosed therein is a method of authentication of a user by an exchange that includes an electronic serial number, a plurality of substring designations, and a calculated authentication string. A user and an authentication authority each possess an identification string associated with the electronic serial number. By applying one or more operations, some of which may be exchanged across a network and others of which may be associated with the electronic serial number, a different authentication string can be calculated each time authentication is requested, making the methods and devices practicing this invention resistant to efforts to compromise the authentication.
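The exchange described above can be sketched as follows. This is an added illustration, not code or detail taken from the referenced application. Assumptions: the combining operation (SHA-256 over the designated substrings), the (offset, length) form of a designation, all function and class names, and the constructed serial number and identification string.

```python
import hashlib
import hmac
import secrets

# Constructed sample data: electronic serial number -> shared identification string.
ID_STRINGS = {"ESN-0001": "q7Zp2LxV9aTf4KcR8mNw3HyB6sDj1GuE"}

def make_designations(id_len, count=3, sub_len=4):
    """Pick random (offset, length) substring designations for one request."""
    return [(secrets.randbelow(id_len - sub_len + 1), sub_len) for _ in range(count)]

def auth_string(id_string, designations):
    """Assumed operation: SHA-256 over the designated substrings, in order."""
    parts = []
    for off, length in designations:
        if off < 0 or length <= 0 or off + length > len(id_string):
            raise ValueError("designation outside identification string")
        parts.append(id_string[off:off + length])
    return hashlib.sha256("|".join(parts).encode()).hexdigest()

class Authority:
    """Authentication authority holding the identification strings."""

    def __init__(self, id_strings):
        self.id_strings = id_strings
        self.pending = {}  # serial number -> designations of the open challenge

    def challenge(self, esn):
        if esn not in self.id_strings:
            raise KeyError("unknown serial number")
        self.pending[esn] = make_designations(len(self.id_strings[esn]))
        return self.pending[esn]

    def verify(self, esn, response):
        # Each challenge is consumed on first use, so a captured response
        # cannot be replayed against a later request.
        designations = self.pending.pop(esn, None)
        if designations is None:
            return False
        expected = auth_string(self.id_strings[esn], designations)
        return hmac.compare_digest(expected, response)

if __name__ == "__main__":
    authority = Authority(ID_STRINGS)
    d = authority.challenge("ESN-0001")
    resp = auth_string(ID_STRINGS["ESN-0001"], d)
    print(authority.verify("ESN-0001", resp), authority.verify("ESN-0001", resp))
```

Only the serial number, the designations and the calculated string cross the network in this sketch; the identification string itself is never transmitted.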